Note |
---|
NOTE: CustomerID versions older than 6.1 are not compatible with SSO 9.1. So before proceeding with this step after SSO installation you need to download the respective CustomerID installation package from Identity Server 2022.2 release. |
Ubisecure CustomerID package includes the CustomerID SSO Adapter extension to SSO (it was previously called Ubisecure CustomerID Authorizer). It needs to be installed so that role based policies can be utilized in CustomerID. It also includes functionality related to user driven federations.
...
After upgrading SSO (as instructed in page Upgrading SSO in Linux), prior to removing the temporary ubilogin-sso-old folder, go to the folder containing the old configuration files:
Code Block language text cd /usr/local/ubisecure/ubilogin-sso-old/ubilogin/webapps/uas/WEB-INF/
Copy the existing configuration files to the new installation folder:
Code Block language text cp -a attribute-prefix.index /usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF/ cp -a eidm2-authorizer.properties /usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF/
Note NOTE: If you are upgrading from an installation where the previous CustomerID SSO Adapter has been from a CustomerID version older than 5.0.x then you need to check the
attribute-prefix.index
configuration file contents. The value for theeimd
property has changed fromcom.ubisecure.customerid.authorizer.EIDM2Authorizer
tocom.ubisecure.customerid.authorizer.CidAuthorizer
.Define UBILOGIN_HOME environment variable for the SSO server so that it points to the SSO installation path:
/usr/local/ubisecure/ubilogin-sso/ubilogin
Code Block language text export UBILOGIN_HOME=/usr/local/ubisecure/ubilogin-sso/ubilogin
- Transfer the
cid-sso-adapter-package-x.x.x-linux.tar.gz
file to the SSO server and extract it for example under the following folder:/usr/local/ubisecure
Run the CustomerID SSO Adapter update script:
Code Block language text cd /usr/local/ubisecure/cid-sso-adapter ./update.sh
The CustomerID SSO Adapter jar files will be integrated to the SSO installation.
Remove older versions of duplicate jar files from SSO:
/usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF/lib
Note NOTE: If you are upgrading from an installation where the previous CustomerID SSO Adapter has been from a CustomerID version older than 5.0.x then you need to remove old CustomerID Authorizer files. The files that need to be removed are:
commons-lang.jar, eidm2-authorizer.jar, eidmutil.jar, json-simple.jar
andjsr305.jar
. Remove the files from these folders:/usr/local/ubisecure/ubilogin-sso/tomcat/webapps/uas/WEB-INF/lib
and/usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF/lib
Note NOTE: If you are upgrading from an installation where the previous CustomerID SSO Adapter has been from a CustomerID version 5.0.x or newer then you may need to remove old versions of CustomerID SSO Adapter related jar files. The files that need to be checked are:
cid-model-x.x.x.jar, cid-sso-adapter-x.x.x.jar, cid-util-x.x.x.jar, commons-lang3-x.x.jar, guava-x.x.jar
andjson-simple-x.x.x.jar
. Remove the old versions of these files from these folders:/usr/local/ubisecure/ubilogin-sso/tomcat/webapps/uas/WEB-INF/lib
and/usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF/lib.
The removal should be done after running theupdate.sh
script.Run update on SSO in order to finalize the installation of the CustomerID SSO Adapter. This can be done with the following command:
Code Block language text /usr/local/ubisecure/ubilogin-sso/ubilogin/config/tomcat/update.sh
Ensure that the SSO diagnostics diagnostic log (
uas3sso_
diag.yyyy-mm-dd.log
, which is by default located at/usr/local/ubisecure/ubilogin-sso/ubilogin/logs
) contains the following rows (with the current time):Code Block language text 20162022-0910-2006 1307:3325:1725,465711 uas init INFO CustomerID Authorizer started 20162022-0910-2006 1307:3325:1725,465711 uas authz INFO eidm.authorizer: CidAuthorizer init started. 20162022-0910-2006 1307:3325:1726,606083 uas init INFO CustomerID SQL: customeriddb PostgreSQL x12.x.x8 20162022-0910-2006 1307:3325:1726,632130 uas authz INFO eidm.authorizer: CidAuthorizer init done. 20162022-0910-2006 1307:3325:1726,632130 uas init INFO eidm: com.ubisecure.customerid.authorizer.CidAuthorizer: started
...